CVE Midnight Baseline #610
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Github Action for midnight baseline releases | |
| name: CVE Midnight Baseline | |
| on: | |
| # at midnight (UTC) every night | |
| schedule: | |
| - cron: '0 0 * * *' | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| inputs: | |
| logLevel: | |
| description: 'Log level' | |
| required: false | |
| default: 'debug' | |
| params: | |
| description: 'command line arguments to build a baseline' | |
| required: false | |
| default: '' | |
| jobs: | |
| generate-name: | |
| environment: development | |
| runs-on: ubuntu-latest | |
| outputs: | |
| v_current_run_timestamp: ${{ steps.get-timestamp.outputs.out }} | |
| steps: | |
| - name: generate-name | |
| id: get-timestamp | |
| run: echo "out=$(date '+%Y-%m-%d')" >> $GITHUB_OUTPUT | |
| create_artifacts: | |
| needs: generate-name | |
| environment: development | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: clone cves | |
| uses: actions/checkout@v3 | |
| - name: tag repository | |
| run: | | |
| git tag ${{ needs.generate-name.outputs.v_current_run_timestamp }}_baseline | |
| git push origin ${{ needs.generate-name.outputs.v_current_run_timestamp }}_baseline | |
| - name: build cves for zip download | |
| run: | | |
| pwd | |
| ls -al | |
| zip -r cves.zip ./cves -x "*/\.*" | |
| # do a subset | |
| # zip -r cves.zip ./cves/1999 -x "*/\.*" | |
| - name: Use the Upload Artifact GitHub Action | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: ${{ needs.generate-name.outputs.v_current_run_timestamp }}_all_CVEs_at_midnight.zip | |
| path: ./cves.zip | |
| create_release: | |
| needs: [generate-name, create_artifacts] | |
| environment: development | |
| runs-on: ubuntu-latest | |
| steps: | |
| # - name: create release | |
| # id: create_release | |
| # uses: actions/create-release@v1 | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # with: | |
| # tag_name: cve_${{ needs.generate-name.outputs.v_current_run_timestamp }} | |
| # release_name: CVE Release ${{ needs.generate-name.outputs.v_current_run_timestamp }} | |
| # draft: false | |
| # prerelease: false | |
| # # make_latest: true | |
| - name: Update release notes | |
| run: echo "CVEs updated" > release_notes.md | |
| - name: create release with source code as artifacts | |
| uses: softprops/action-gh-release@v1 | |
| with: | |
| name: CVE ${{ needs.generate-name.outputs.v_current_run_timestamp }} | |
| # body: Descriptions for CVE ${{ needs.generate-name.outputs.v_current_run_timestamp }} goes here | |
| body_path: ./release_notes.md | |
| tag_name: cve_${{ needs.generate-name.outputs.v_current_run_timestamp }} | |
| files: | | |
| release_notes.md | |
| update_log.md | |
| ${{ needs.generate-name.outputs.v_current_run_timestamp }}_all_CVEs_at_midnight.zip | |
| recent_activities.json |